-
Notifications
You must be signed in to change notification settings - Fork 0
Configure a robot from scratch
- Install Ubuntu OS
- Install ROS
- Install Graphics Drivers and Packages
- Configure the bwilab User Account
- Configure Network Connections
- Setup the Wireguard VPN
- Setup LDAP User Authentication
- a usb drive
- to be located on the UT network
Install Ubuntu according to the official instructions.
Use Ubuntu 22.04 LTS release.
- Set up disk encryption ("Advanced options" under "Erase disk and install Ubuntu" - use the appropriate password).
- If you're required to set up secure boot, you can use any password for that; that password is only used during installation (ref). You'll enter that password under the "Enroll MOK" option after you reboot the first time and then you no longer need it.
Create the username bwilab with the correct password, and fill in the appropriate host name. If you need to make up a new one, pick an unused Futurama character.
Do not create user bwi, that is defined via LDAP.
After initial installation completes, remove USB key and reboot.
For "bwilab" to be able to run the robot, it must belong to the "dialout" group:
sudo usermod -aG dialout bwilab
For the robot to have authorized access to the lab server: build, install, and configure the "bwi_lab" repository. You must be logged in as "bwilab" for this step.
Update the apt repository and upgrade packages with
sudo apt update && sudo apt upgrade -y
You may need to restart your system to use all the device drivers properly.
Add Visual Studio Code repo:
Import the GPG key provided by Microsoft to verify the package integrity. Enter:
wget -q https://packages.microsoft.com/keys/microsoft.asc -O- | sudo apt-key add -
Add the Visual Studio Code repository to your system:
sudo add-apt-repository "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main"
Add the vcs-tool repo:
curl -s https://packagecloud.io/install/repositories/dirk-thomas/vcstool/script.deb.sh | sudo bash
After enabling the repositories, install vscode and other useful packages by running:
sudo apt update && \
sudo apt install code emacs gnome-tweaks openssh-server openssh-client terminator vim nano git mercurial sshfs subversion libtbb-dev build-essential software-properties-common apt-transport-https wget python3-vcstool
The easiest method for installing the NVIDIA graphics card divers is to use the Ubuntu Software & Updates application. Choose this application from the applications list, and select the "Additional Drivers" tab.
Choose "NVIDIA driver metapackage from nvidia-driver-<2nd-latest-version>(proprietary)".
Then select the "Apply Changes" button to install and apply the selected drivers. The NVIDIA drivers require restart and may also require accepting the MOK on secure boot.
Version: CUDA Toolkit 11.8
Visit https://developer.nvidia.com/cuda-11-8-0-download-archive and enter the following configuration to get install instructions:
OS: Linux
Architecture: x86_64
Distribution: Ubuntu
Version: 22.04
Installer type: deb(local)
- Install Docker with docker compose according to the official instructions for Ubuntu 22.04.
- Install Nvidia Docker Container Toolkit according to the official instructions for Ubuntu 22.04. Be sure you are following the section for installing the package
nvidia-container-toolkit.
If you encounter an error about mismatched NVIDIA drivers, it is most likely that the runtime driver has not updated to the latest package installation version. You can verify this by checking that the versions match from the two commands below. The solution is to simply reboot and do the container runtime configuration again.
Verify the output of these match:
cat /proc/driver/nvidia/version # the loaded kernel version
dpkg -l | grep nvidia-driver # the installed version
Redo the runtime configuration steps and verify by running nvidia-smi in the sample cuda container:
sudo nvidia-ctk runtime configure --runtime=docker
sudo systemctl restart docker
sudo docker run --rm --runtime=nvidia --gpus all nvidia/cuda:11.6.2-base-ubuntu20.04 nvidia-smi
- Lastly, follow the post-installation step for creating a docker group and adding users to it.
Robots connect to the utexas-iot wifi network. LARG lab uses a lab EID to manage devices and their passwords for this network. If you are setting up a computer that was previously connected, then it likely already has a password assigned, which can be found at network.utexas.edu and logging in with the LARG group EID.
To add a new device, locate the computer's wifi interface mac address in the details for device named wlp* in the list provided by the following command:
ip a
Add the device to the LARG group utexas-iot wireless devices. If you do not know the password for LARG utexas-iot devices, ask a Research Engineer or lab faculty to share the credentials over the UT Stache password manager. After adding the new device to the wireless devices list, use the generated password to login to the utexas-iot wi-fi.
Setup udev rules for usb devices:
sudo wget -P /etc/udev/rules.d/ https://raw.githubusercontent.com/utexas-bwi/segbot_bringup/main/udev/99-hokuyo.rules && \
sudo wget -P /etc/udev/rules.d/ https://raw.githubusercontent.com/utexas-bwi/segbot_bringup/main/udev/10-kinova-arm.rules && \
sudo wget -P /etc/udev/rules.d/ https://raw.githubusercontent.com/utexas-bwi/segbot_bringup/main/udev/99-arduino.rules && \
sudo wget -P /etc/udev/rules.d/ https://raw.githubusercontent.com/utexas-bwi/segbot_bringup/main/udev/99-segway_rmp.rules
Reboot or run
sudo udevadm control --reload-rules && sudo udevadm trigger
Finally, we may need to manually configure some Ethernet ports, depending on the devices attached.
These are done using the graphical network manager, so it will be easy to switch back to wired Internet connection, if needed.
For the Ethernet-attached Segway bases:
In network manager, "Edit connections...", then select the correct "wired connection". Unfortunately, that may require some trial and error. Try connecting the Ethernet wire first, and see if one of the connections shows up highlighted.
Connection Name: Segway RMP 110
IPv4 Settings: Manual
address: 10.66.171.1
netmask: 255.255.255.0
gateway: <blank>
Select "require IPv4 addressing for this connection to complete".
For an Ethernet-attached Hokuyo laser:
In network manager, "Edit connections...", then select "wired connection 1".
Connection Name: 192.168.0.X
IPv4 Settings: Manual
address: 192.168.0.1
netmask: 255.255.255.0
gateway: <blank>
Select "require IPv4 addressing for this connection to complete".
For machines with a Velodyne LIDAR attached, configure it on a separate port, following these directions:
The robots use the AMRL Wireguard VPN to communicate with other machines on the same virtual network. This enables several things:
- A specific IP assignment
- Secure connection to the virtual network
- Communication with robofleet_server and other robofleet_clients, including the web client at https://robofleet.csres.utexas.edu
- Install wireguard and tools:
sudo apt-get install wireguard wireguard-tools
- Find the config file and public and private keys for the machine on UT Box and save them in the directory below (requires sudo access). To create a new config, edit
/etc/wireguard/wg0.confusing the settings in the AMRL github amrl-documentation repo.:
/etc/wireguard/
- Start the wireguard interface with
sudo wg-quick up wg0
- Check that the machine has successfully connected to the AMRL server with
ping (the server ip)
you should receive a response
- Make VPN connection come up on boot:
sudo systemctl enable wg-quick@wg0
LDAP stands for Lightweight Directory Access Protocol. We use it to share user and group identifiers within the lab. We maintain an LDAP server that serves authentication to LDAP client machines so that lab members may login to any client machine with their own username and password. As such, robots are setup as LDAP clients.
sudo apt-get install libnss-ldapd libpam-ldap nscd
You will be asked some configuration questions. Answer them carefully.
For LDAP: Set the server URI to:
ldap://nixons-head.csres.utexas.edu/bwildapadmin
Make sure it's not “ldapi:”.
Set the server LDAP search base to:
dc=nixons-head,dc=csres,dc=utexas,dc=edu
For libnss-ldapd configuration, select: “group”, “passwd”, and “shadow”.
If you have any trouble adding the group, passwd and shadow selections, you can also make them afterward by editing /etc/nsswitch.conf and adding ldap to the end of each matching line.
Set the LDAP version to 3.
Again, set the server URI to:
ldap://nixons-head.csres.utexas.edu/bwildapadmin
And again, set the distinguished name of the search base:
dc=nixons-head,dc=csres,dc=utexas,dc=edu
Make local root Database admin: Yes
Does the LDAP database require login? No
LDAP account for root:
cn=admin,dc=nixons-head,dc=csres,dc=utexas,dc=edu
Set the LDAP root account password to the appropriate value.
If you make a mistake and need to change a value, go through the menu again by issuing this command:
sudo dpkg-reconfigure ldap-auth-config
Edit the /etc/ldap.conf file:
sudo vim /etc/ldap.conf
# Make sure local logins still work, even when networking
# is disabled for some reason (e.g. while booting).
timelimit 120
bind_timelimit 120
idle_timelimit 3600
# This leads to a delay of 124 seconds (4+8+16+32+64=124)
# per lookup if the server is not available.
nss_reconnect_tries 5 # no. of times to double the sleep time
nss_reconnect_sleeptime 4 # initial sleep value
nss_reconnect_maxsleeptime 64 # max sleep value to cap at
nss_reconnect_maxconntries 2 # how many tries before sleeping
Make sure there is a final newline at the end.
Edit the /etc/pam.d/common-session file:
sudo vim /etc/pam.d/common-session
Before the "session optional pam_ldap.so" line, add this:
session required pam_mkhomedir.so skel=/etc/skel umask=0022
This will create a home directory on the client machine when an LDAP user logs in who does not have a home directory.
Restart the service for these changes to be implemented:
sudo systemctl restart nscd
Login using your own LDAP user account:
ssh joq@localhost
Give the correct password. Verify the home directory, and group memberships:
$ id
uid=10047(joq) gid=10000(bwi) groups=10000(bwi),20(dialout),27(sudo),10002(fri)
$ pwd
/home/users/joq
$ ls -l
-rw-r--r-- 1 joq bwi 8980 Jul 15 18:05 examples.desktop
Or, something similar.
Logout using ^D or exit.
Make snap packages available to LDAP users by adding the LDAP home directories to apparmor:
sudo dpkg-reconfigure apparmor
When prompted enter this in the "Additional home directory locations" field:
/home/users/
You will need to reboot for the change to take effect.
Running the BWI stack is possible on Ubuntu 22.04 LTS using the bwi-docker package. Running the basic visit doors demo requires a postgres database, which is also a docker container. To setup, install postgres_docker, populate it with data, and create a service to start the postgres server on boot. The server will run in the background and any users on the machine can access it from their own bwi-docker instance.
Follow the instructions on the linked repo readme files to install and setup your containers. Then, setup the services with:
sudo cp ~/postgres_docker/services/start-postgres.sh /usr/sbin/ && \
sudo cp ~/postgres_docker/services/start-postgres.service /etc/systemd/system/
Make the start-postgres.sh script executable:
sudo chmod u+x /usr/sbin/start-postgres.sh
Enable the service on startup:
sudo systemctl enable start-postgres.service
Install bwi-docker and run the visit doors demo.
You may also run the basic tests, as described here: Segbot Regression Testing